using System;
using System.Collections.ObjectModel;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Web;

namespace DTcms.Common
{
	public class DataSecurity
	{
		public static string ConvertToJavaScript(string str)
		{
			str = str.Replace("\\", "\\\\");
			str = str.Replace("\n", "\\n");
			str = str.Replace("\r", "\\r");
			str = str.Replace("\"", "\\\"");
			return str;
		}

		public static string FilterBadChar(string strchar)
		{
			string result;
			if (string.IsNullOrEmpty(strchar))
			{
				result = "";
			}
			else
			{
				string[] array = new string[]
				{
					"+",
					"'",
					"--",
					"%",
					"^",
					"&",
					"?",
					"(",
					")",
					"<",
					">",
					"[",
					"]",
					"{",
					"}",
					"/",
					"\"",
					";",
					":",
					"Chr(34)",
					"Chr(0)"
				};
				StringBuilder stringBuilder = new StringBuilder(strchar);
				for (int i = 0; i < array.Length; i++)
				{
					string text = stringBuilder.Replace(array[i], "").ToString();
				}
				result = stringBuilder.Replace("@@", "@").ToString();
			}
			return result;
		}

		public static string GetArrayValue(int index, string[] field)
		{
			string result;
			if (field != null && index >= 0 && index < field.Length)
			{
				result = field[index];
			}
			else
			{
				result = string.Empty;
			}
			return result;
		}

		public static string GetArrayValue(int index, Collection<string> field)
		{
			string result;
			if (index >= 0 && index < field.Count)
			{
				result = field[index];
			}
			else
			{
				result = string.Empty;
			}
			return result;
		}

		public static string HtmlDecode(object o)
		{
			string result;
			if (o == null)
			{
				result = null;
			}
			else
			{
				result = DataSecurity.HtmlDecode(o.ToString());
			}
			return result;
		}

		public static string HtmlDecode(string str)
		{
			if (!string.IsNullOrEmpty(str))
			{
				str = str.Replace("<br>", "\n");
				str = str.Replace("&gt;", ">");
				str = str.Replace("&lt;", "<");
				str = str.Replace("&nbsp;", " ");
				str = str.Replace("&#39;", "'");
				str = str.Replace("&quot;", "\"");
			}
			return str;
		}

		public static string HtmlEncode(object o)
		{
			string result;
			if (o == null)
			{
				result = null;
			}
			else
			{
				result = DataSecurity.HtmlEncode(o.ToString());
			}
			return result;
		}

		public static string HtmlEncode(string str)
		{
			if (!string.IsNullOrEmpty(str))
			{
				str = str.Replace("<", "&lt;");
				str = str.Replace(">", "&gt;");
				str = str.Replace(" ", "&nbsp;");
				str = str.Replace("'", "&#39;");
				str = str.Replace("\"", "&quot;");
				str = str.Replace("\r\n", "<br>");
				str = str.Replace("\n", "<br>");
			}
			return str;
		}

		public static int Len(string str)
		{
			int num = 0;
			for (int i = 0; i < str.Length; i++)
			{
				char c = str[i];
				if (c > '\u007f')
				{
					num += 2;
				}
				else
				{
					num++;
				}
			}
			return num;
		}

		public static string GetSubString(string str, int len)
		{
			int num = 0;
			string text = "";
			for (int i = 0; i < str.Length; i++)
			{
				char c = str[i];
				if (c > '\u007f')
				{
					num += 2;
				}
				else
				{
					num++;
				}
				if (num > len)
				{
					break;
				}
				text += c.ToString();
			}
			return text;
		}

		public static string MakeFileRndName()
		{
			return DateTime.Now.ToString("yyyyMMddHHmmss") + DataSecurity.MakeRandomString("0123456789", 4);
		}

		public static string MakeFolderName()
		{
			return DateTime.Now.ToString("yyyyMM");
		}

		public static string MakeRandomString(int pwdlen)
		{
			return DataSecurity.MakeRandomString("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_*", pwdlen);
		}

		public static string MakeRandomStrings(int pwdlen)
		{
			return DataSecurity.MakeRandomString("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", pwdlen);
		}

		public static string MakeRandomString(string pwdchars, int pwdlen)
		{
			StringBuilder stringBuilder = new StringBuilder();
			Random random = new Random(BitConverter.ToInt32(Guid.NewGuid().ToByteArray(), 0));
			for (int i = 0; i < pwdlen; i++)
			{
				int index = random.Next(pwdchars.Length);
				stringBuilder.Append(pwdchars[index]);
			}
			return stringBuilder.ToString();
		}

		public static string RandomNum()
		{
			return DataSecurity.RandomNum(4);
		}

		public static string RandomNum(int intlong)
		{
			Random random = new Random();
			StringBuilder stringBuilder = new StringBuilder("");
			for (int i = 0; i < intlong; i++)
			{
				stringBuilder.Append(random.Next(10));
			}
			return stringBuilder.ToString();
		}

		public static string RestrictedUrl(Uri url)
		{
			string result;
			if (url == null)
			{
				result = null;
			}
			else
			{
				Uri url2;
				Uri.TryCreate(url.AbsolutePath, UriKind.Absolute, out url2);
				result = DataSecurity.RestrictedUrl(url2) + url.Query;
			}
			return result;
		}

		public static string RngCspNum(int strLength)
		{
			if (strLength > 0)
			{
				strLength--;
			}
			else
			{
				strLength = 5;
			}
			byte[] array = new byte[strLength];
			new RNGCryptoServiceProvider().GetBytes(array);
			return BitConverter.ToInt32(array, 0).ToString();
		}

		public static string Strings(string ichar, int i)
		{
			StringBuilder stringBuilder = new StringBuilder("");
			for (int j = 0; j < i; j++)
			{
				stringBuilder.Append(ichar);
			}
			return stringBuilder.ToString();
		}

		public static string UnrestrictedUrl(string path)
		{
			string result;
			if (string.IsNullOrEmpty(path))
			{
				result = path;
			}
			else
			{
				if (VirtualPathUtility.IsAppRelative(path))
				{
					path = VirtualPathUtility.ToAbsolute(path);
				}
				int num = 80;
				string host = HttpContext.Current.Request.Url.Host;
				string arg = (num != 80) ? string.Format(":{0}", num) : "";
				Uri baseUri = new Uri(string.Format("http://{0}{1}", host, arg));
				result = new Uri(baseUri, path).ToString();
			}
			return result;
		}

		public static string UrlEncode(object urlObj)
		{
			string result;
			if (urlObj == null)
			{
				result = null;
			}
			else
			{
				result = DataSecurity.UrlEncode(urlObj.ToString());
			}
			return result;
		}

		public static string UrlEncode(string urlStr)
		{
			string result;
			if (string.IsNullOrEmpty(urlStr))
			{
				result = null;
			}
			else
			{
				result = Regex.Replace(urlStr, "[^a-zA-Z0-9,-_\\.]+", new MatchEvaluator(DataSecurity.UrlEncodeMatch));
			}
			return result;
		}

		public static string UrlEncode1(string url)
		{
			return HttpContext.Current.Server.UrlEncode(url);
		}

		private static string UrlEncodeMatch(Match match)
		{
			string text = match.ToString();
			string result;
			if (text.Length < 1)
			{
				result = text;
			}
			else
			{
				StringBuilder stringBuilder = new StringBuilder();
				string text2 = text;
				for (int i = 0; i < text2.Length; i++)
				{
					char c = text2[i];
					if (c > '\u007f')
					{
						stringBuilder.AppendFormat("%u{0:X4}", (int)c);
					}
					else
					{
						stringBuilder.AppendFormat("%{0:X2}", (int)c);
					}
				}
				result = stringBuilder.ToString();
			}
			return result;
		}

		public static string XmlEncode(string str)
		{
			if (!string.IsNullOrEmpty(str))
			{
				str = str.Replace("&", "&amp;");
				str = str.Replace("<", "&lt;");
				str = str.Replace(">", "&gt;");
				str = str.Replace("'", "&apos;");
				str = str.Replace("\"", "&quot;");
			}
			return str;
		}

		public static bool ProcessSqlStr(string Str)
		{
			bool result = true;
			Str = Str.ToLower();
			try
			{
				if (Str != "")
				{
					string text = "exec |insert |select |delete |update |count |chr |mid |master |truncate |char |declare |*";
					string[] array = text.Split(new char[]
					{
						'|'
					});
					string[] array2 = array;
					for (int i = 0; i < array2.Length; i++)
					{
						string text2 = array2[i];
						string value = text2.Trim();
						if (Str.IndexOf(text2) >= 0 || Str.IndexOf(value) >= 0)
						{
							result = false;
						}
					}
				}
			}
			catch
			{
				result = false;
			}
			return result;
		}

		public static void StartProcessRequest()
		{
			try
			{
				if (HttpContext.Current.Request.QueryString != null)
				{
					for (int i = 0; i < HttpContext.Current.Request.QueryString.Count; i++)
					{
						string name = HttpContext.Current.Request.QueryString.Keys[i];
						if (!DataSecurity.ProcessSqlStr(HttpContext.Current.Request.QueryString[name]))
						{
                            LogHelper.Error("\r\n优惠券错误:数据不能包含SQL注入代码!");
							HttpContext.Current.Response.End();
						}
					}
				}
				if (HttpContext.Current.Request.Form != null)
				{
					for (int i = 0; i < HttpContext.Current.Request.Form.Count; i++)
					{
						string name = HttpContext.Current.Request.Form.Keys[i];
						if (!DataSecurity.ProcessSqlStr(HttpContext.Current.Request.Form[name]))
						{
                            LogHelper.Error("\r\n优惠券错误:数据不能包含SQL注入代码!");
							HttpContext.Current.Response.End();
						}
					}
				}
			}
			catch
			{
                LogHelper.Error("\r\n优惠券错误:处理数据时出现异常!");
				HttpContext.Current.Response.End();
			}
		}
	}
}
